can't download panda

Did you try this from safe mode with networking? That might help.

 

My understanding is that you are trying to do the Read Me First tutorial. In that case, you may have beeter luck running these scans from safe mode.

http://forums.majorgeeks.com/showthread.php?t=35407

Instructions are to be running this in safe mode.

 

It will not be running from safe mode.

 

If you are referring to AVG Antivirus, you must uninstall it if you want to keep McAfee's Internet Security Suite installed. It is not a good idea to try and use the Security Suite and then disable or remove a major component of it like the antivirus. It will not play as well and you are wasting more system resource that way. Your other choice is to uninstall ALL of McAfee's Internet Security Suite, keep AVG Antivirus, and install your own firewall, antispyware, etc from separate packages.

[edit] Sorry MA! I did not notice you were back again[/edit]

 

I repeat my question! Are you referring to AVG Antivirus? They also make a program named AVG Antispyware and AVG Anti-Rootkit. Which are you referring too? If you are referring to the log we request in the READ ME, that is not AVG Antivirus. It is AVG Antispyware and will not conflict with McAfee.

 

No problem! If you still cannot get PandaActiveScan to work, just skip it.

 

You did not follow the directions in step 6a of the READ ME. We did not tell you to install BitDefender Antivirus. That would be a violations of what is stated in step # 3 about using only one antivirus. What we ask you do was run the online scanner not install their antivirus program. The same thing was requested for Panda. Were you also trying to install Panda's Antivirus program or were you doing what we requested and trying to run the online scan.

You must uninstall BitDefender Antivirus now. Then reboot before continuing we my next steps.

If you keep blocking cookies you are going to run into problems eventually with various things on many websites. The tribalfusion item you saw while connected here on MGs is just a cookie. And cookies are not problems to worry about. Don't believe what many scanners tell you. Cookies are in most cases helpful and necessary to make your surfing more pleasurable.

Based on your GetRunKey log you also did not properly follow the directions in step 2 of the READ ME. Please go back and follow those instructions in step 2 now.

You also never told us what malware problems you are having! What is the reason for running the READ & RUN ME?

Let's go ahead and fix things that I see!

Uninstall the below old versions of software:
J2SE Runtime Environment 5.0 Update 8
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_03

Make sure you reboot after uninstalling the above!

After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment

Now we need to disable Windows Defender to avoid having it block our fixes!

To Disable Windows Defender:

• Open Windows Defender
• Click Tools
• Click General Settings
• Scroll down to Real Time Protection Options
• Uncheck Turn on Real Time Protection (recommended)
• Close Windows Defender

Once your log is clean you can re-enable Windows Defender Real Time Protection.

Continue by downloading a tool we will need - Pocket KillBox

Save it to its own folder somewhere that you will be able to locate it later.

Run HijackThis and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O9 - Extra button: ComcastHSI - {669B269B-0D4E-41FB-A3D8-FD67CA94F646} - http://www.comcast.net/ (file missing)
O9 - Extra button: Support - {8828075D-D097-4055-AA02-2DBFA9D85E8A} - http://www.comcastsupport.com/ (file missing)
O9 - Extra button: Help - {97809617-3937-4F84-B335-9BB05EF1A8D4} - http://online.comcast.net/help/ (file missing)

After clicking Fix, exit HJT.

Now run Pocket Killbox by doubleclicking on killbox.exe
Choose Tools > Delete Temp Files and click Delete Selected Temp Files.
Then after it deletes the files click the Exit (Save Settings) button.
NOTE: Pocket Killbox will only list the added files it is able to find on the system. So when you do the below, if some files do not show in the list after pasting them in, just continue.

Select:

• Delete on Reboot
• then Click on the All Files button.
• Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

C:\WINDOWS\SYSTEM32\intr32.dll
C:\WINDOWS\SYSTEM32\msmapi32.exe
C:\WINDOWS\SYSTEM32\sumsw32.exe
C:\WINDOWS\SYSTEM32\tkhpttvh.exe
C:\WINDOWS\system32\runsrv32.dll
C:\WINDOWS\system32\adobepnl.dll
C:\WINDOWS\alexaie.dll
C:\WINDOWS\alxie328.dll
C:\WINDOWS\alxtb1.dll
C:\WINDOWS\BTGrab.dll
C:\WINDOWS\dlmax.dll

• Return to Killbox, go to the File menu, and choose Paste from Clipboard.
• Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt.

If you receive a PendingFileRenameOperations prompt, just click OK to continue (But please let me know if you receive this message!).

If Killbox does not reboot just reboot your PC yourself.

Now attach the below new logs and tell me how the above steps went.

1. GetRunKey
2. ShowNew
3. HJT

Make sure you tell me how things are working now!

 

Sorry about that! No you don't have Windows Defender installed. I was probably thinking about BitDefender which I already said to uninstall and just added in Windows Defender (because the word Defender was on my mind). Skip that and continue.

 

Just check whatever is there from my list and continue.

 

That is related to the C:\WINDOWS\system32\runsrv32.dll file I had your delete with Killbox.

If you are saying you PC is still sluggish, it is not malware. It is what you are running. Take a long look at the below. This is all of the McAfee software showing in your HJT log. Most of your HJT log is filled with McAfee.

Want to see things speed up? Uninstall McAfee and use some of the tools recomended in the link in my below final steps.


Your logs are clean. If you are not having any other malware problems, it is time to do our final steps:

1. If we used Pocket Killbox during your cleanup, do the below
   • Run Pocket Killbox and select File, Cleanup, Delete All Backups
2. If we used ComboFix you can delete the ComboFix.exe file and associated C:\combofix.txt log that was created.
3. If we user SDFix you can delete all the SDFix related files and folders from your Desktop or whereever you installed it.
4. If we used VundoFix, you can delete the VundoFix.exe file and the C:\VundoFix Backups folder and C:\vundofix.txt log that was created.
5. If we had your run FixWareOut, you can delete the Fixwareout.exe file and the C:\fixwareout folder.
6. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
7. You can delete the ShowNew.Zip and GetRunkey.Zip files and the files that you extracted from the ZIP files. You can also delete the C:\newfiles.txt and C:\runkeys.txt logs that were created
8. If you are running Windows XP or Windows ME, do the below:
   • go back to step 8 of the READ & RUN ME to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
9. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!

 

You're welcome. Surf Safely!